The vulnerabilities of the WebAdmin and WebClient interfaces of the SFTPGo file transfer and storage server allow attackers to circumvent existing security restrictions and enhance their privileges.

The vulnerability of the WebAdmin and WebClient interfaces of the SFTPGo file transfer and storage server is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by resetting user passwords and...

The vulnerability of the user interface of the SAP CRM WebClient UI, which allows an attacker to perform XSS attacks.

The vulnerability of the SAP CRM WebClient UI user interface lies in the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows an attacker to execute XSS attacks remotely...

PT-2023-19673 · Sap · Sap Crm Webclient Ui

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions WEBCUIF 748, 800, 801, S4FND 102, 103 Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability. On successful exploitation, an...

SAP CRM WebClient UI Cross-Site Scripting Vulnerability (CNVD-2019-04862)

SAP CRM Customer Relationship Management is a set of German SAP SAP company's customer relationship management solutions. The program includes sales management, marketing management, customer service systems and other modules. SAPSCORE, S4FND and WEBCUIF are among the Web client interface...

HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...